Changes in / [166a571:991c75f]

Files:

• .travis.yml (modified) (3 diffs)
• Makefile (modified) (1 diff)
• auth.c (added)
• auth.h (added)
• auth_ldap.c (added)
• auth_pam.c (added)
• bitlbee.conf (modified) (2 diffs)
• bitlbee.h (modified) (2 diffs)
• conf.c (modified) (3 diffs)
• conf.h (modified) (1 diff)
• configure (modified) (3 diffs)
• irc.h (modified) (1 diff)
• irc_cap.c (modified) (1 diff)
• irc_commands.c (modified) (1 diff)
• protocols/account.c (modified) (2 diffs)
• protocols/account.h (modified) (2 diffs)
• root_commands.c (modified) (7 diffs)
• set.h (modified) (1 diff)
• storage.c (modified) (4 diffs)
• storage.h (modified) (3 diffs)
• storage_xml.c (modified) (14 diffs)
• tests/Makefile (modified) (1 diff)
• unix.c (modified) (1 diff)

.travis.yml

@@ -3 +3 @@
 
 script:
- - ./configure
+ - ./configure --pam=1 --ldap=1
  - make check
  - BITLBEE_SKYPE=plugin dpkg-buildpackage -uc -us -d
@@ -29 +29 @@
     - libpurple-dev
     - check
+    - libpam0g-dev
+    - libldap2-dev
   coverity_scan:
     project:
@@ -34 +36 @@
       description: "An IRC to other chat networks gateway"
     notification_email: dx@dxzone.com.ar
-    build_command_prepend: ./configure --otr=1 --debug=1
+    build_command_prepend: ./configure --otr=1 --debug=1 --pam=1 --ldap=1
     build_command: make
     branch_pattern: coverity_scan

Makefile

@@ -10 +10 @@
 
 # Program variables
-objects = bitlbee.o dcc.o help.o ipc.o irc.o irc_im.o irc_cap.o irc_channel.o irc_commands.o irc_send.o irc_user.o irc_util.o nick.o $(OTR_BI) query.o root_commands.o set.o storage.o $(STORAGE_OBJS) unix.o conf.o log.o
+objects = bitlbee.o dcc.o help.o ipc.o irc.o irc_im.o irc_cap.o irc_channel.o irc_commands.o irc_send.o irc_user.o irc_util.o nick.o $(OTR_BI) query.o root_commands.o set.o storage.o $(STORAGE_OBJS) auth.o $(AUTH_OBJS) unix.o conf.o log.o
 headers = $(wildcard $(_SRCDIR_)*.h $(_SRCDIR_)lib/*.h $(_SRCDIR_)protocols/*.h)
 subdirs = lib protocols

bitlbee.conf

@@ -52 +52 @@
 # AuthMode = Open
 
+## AuthBackend
+##
+## By default, the authentication data for a user is stored in the storage
+## backend. If you want to authenticate against another authentication system
+## (e.g. ldap), you can specify that here.
+##
+## Beware that this disables password changes and causes passwords for the
+## accounts people create to be stored in plain text instead of encrypted with
+## their bitlbee password.
+##
+## Currently available backends:
+##
+## - storage (internal storage)
+## - pam (Linux PAM authentication)
+## - ldap (LDAP server configured in the openldap settings)
+#
+# AuthBackend = storage
+#
+
 ## AuthPassword
 ##
@@ -69 +88 @@
 ## or
 # OperPassword = md5:I0mnZbn1t4R731zzRdDN2/pK7lRX
+
+## AllowAccountAdd
+##
+## Whether to allow registered and identified users to add new accounts using
+## 'account add'
+##
+# AllowAccountAdd 1
 
 ## HostName

bitlbee.h

@@ -133 +133 @@
 #include "irc.h"
 #include "storage.h"
+#include "auth.h"
 #include "set.h"
 #include "nogaim.h"
@@ -154 +155 @@
         conf_t *conf;
         GList *storage; /* The first backend in the list will be used for saving */
+        GList *auth;    /* Authentication backends */
         char *helpfile;
         int restart;

conf.c

@@ -55 +55 @@
         conf->runmode = RUNMODE_INETD;
         conf->authmode = AUTHMODE_OPEN;
+        conf->auth_backend = NULL;
         conf->auth_pass = NULL;
         conf->oper_pass = NULL;
+        conf->allow_account_add = 1;
         conf->configdir = g_strdup(CONFIG);
         conf->plugindir = g_strdup(PLUGINDIR);
@@ -240 +242 @@
                                         conf->authmode = AUTHMODE_OPEN;
                                 }
+                        } else if (g_strcasecmp(ini->key, "authbackend") == 0) {
+                                if (g_strcasecmp(ini->value, "storage") == 0) {
+                                        conf->auth_backend = NULL;
+                                } else if (g_strcasecmp(ini->value, "pam") == 0 ||
+                                         g_strcasecmp(ini->value, "ldap") == 0) {
+                                        g_free(conf->auth_backend);
+                                        conf->auth_backend = g_strdup(ini->value);
+                                } else {
+                                        fprintf(stderr, "Invalid %s value: %s\n", ini->key, ini->value);
+                                        return 0;
+                                }
                         } else if (g_strcasecmp(ini->key, "authpassword") == 0) {
                                 g_free(conf->auth_pass);
@@ -246 +259 @@
                                 g_free(conf->oper_pass);
                                 conf->oper_pass = g_strdup(ini->value);
+                        } else if (g_strcasecmp(ini->key, "allowaccountadd") == 0) {
+                                if (!is_bool(ini->value)) {
+                                        fprintf(stderr, "Invalid %s value: %s\n", ini->key, ini->value);
+                                        return 0;
+                                }
+                                conf->allow_account_add = bool2int(ini->value);
                         } else if (g_strcasecmp(ini->key, "hostname") == 0) {
                                 g_free(conf->hostname);

conf.h

@@ -37 +37 @@
         runmode_t runmode;
         authmode_t authmode;
+        char *auth_backend;
         char *auth_pass;
         char *oper_pass;
+        int allow_account_add;
         char *hostname;
         char *configdir;

configure

@@ -52 +52 @@
 ssl=auto
 
+pam=0
+ldap=0
+
 pie=1
 
@@ -133 +136 @@
 --purple=0/1    Disable/enable libpurple support        $purple
                 (automatically disables other protocol modules)
+
+--pam=0/1       Disable/enable PAM authentication       $pam
+--ldap=0/1      Disable/enable LDAP authentication      $ldap
 
 --doc=0/1       Disable/enable help.txt generation      $doc
@@ -628 +634 @@
 done
 echo "STORAGE_OBJS="$STORAGE_OBJS >> Makefile.settings
+
+authobjs=
+authlibs=
+if [ "$pam" = 0 ]; then
+        echo '#undef WITH_PAM' >> config.h
+else
+        if ! echo '#include <security/pam_appl.h>' | $CC -E - >/dev/null 2>/dev/null; then
+                echo 'Cannot find libpam development libraries, aborting. (Install libpam0g-dev?)'
+                exit 1
+        fi
+        echo '#define WITH_PAM' >> config.h
+        authobjs=$authobjs'auth_pam.o '
+        authlibs=$authlibs'-lpam '
+fi
+if [ "$ldap" = 0 ]; then
+        echo '#undef WITH_LDAP' >> config.h
+else
+        if ! echo '#include <ldap.h>' | $CC -E - >/dev/null 2>/dev/null; then
+                echo 'Cannot find libldap development libraries, aborting. (Install libldap2-dev?)'
+                exit 1
+        fi
+        echo '#define WITH_LDAP' >> config.h
+        authobjs=$authobjs'auth_ldap.o '
+        authlibs=$authlibs'-lldap '
+fi
+echo AUTH_OBJS=$authobjs >> Makefile.settings
+echo EFLAGS+=$authlibs >> Makefile.settings
 
 if [ "$strip" = 0 ]; then

irc.h

@@ -92 +92 @@
                            logging in, this may contain a password we should
                            send to identify after USER/NICK are received. */
+        char *auth_backend;
 
         char umode[8];

irc_cap.c

@@ -177 +177 @@
 
         } else if (g_strcasecmp(cmd[1], "END") == 0) {
+                if (!(irc->status & USTATUS_CAP_PENDING)) {
+                        return;
+                }
                 irc->status &= ~USTATUS_CAP_PENDING;
 

irc_commands.c

@@ -97 +97 @@
         /* just check the password here to be able to reply with useful numerics
          * the actual identification will be handled later */
-        status = storage_check_pass(user, pass);
+        status = auth_check_pass(irc, user, pass);
 
         if (status == STORAGE_OK) {

protocols/account.c

@@ -67 +67 @@
 
         s = set_add(&a->set, "password", NULL, set_eval_account, a);
-        s->flags |= SET_NOSAVE | SET_NULL_OK | SET_PASSWORD;
+        s->flags |= SET_NOSAVE | SET_NULL_OK | SET_PASSWORD | ACC_SET_LOCKABLE;
 
         s = set_add(&a->set, "tag", NULL, set_eval_account, a);
@@ -73 +73 @@
 
         s = set_add(&a->set, "username", NULL, set_eval_account, a);
-        s->flags |= SET_NOSAVE | ACC_SET_OFFLINE_ONLY;
+        s->flags |= SET_NOSAVE | ACC_SET_OFFLINE_ONLY | ACC_SET_LOCKABLE;
         set_setstr(&a->set, "username", user);
 

protocols/account.h

@@ -63 +63 @@
         ACC_SET_OFFLINE_ONLY = 0x02,    /* Allow changes only if the acct is offline. */
         ACC_SET_ONLINE_ONLY = 0x04,     /* Allow changes only if the acct is online. */
+        ACC_SET_LOCKABLE = 0x08         /* Setting cannot be changed if the account is locked down */
 } account_set_flag_t;
 
@@ -70 +71 @@
         ACC_FLAG_HANDLE_DOMAINS = 0x04, /* Contact handles need a domain portion. */
         ACC_FLAG_LOCAL = 0x08,          /* Contact list is local. */
+        ACC_FLAG_LOCKED = 0x10,         /* Account is locked (cannot be deleted, certain settings can't changed) */
 } account_flag_t;
 

root_commands.c

@@ -143 +143 @@
         }
 
-        if (load) {
+        status = auth_check_pass(irc, irc->user->nick, password);
+        if (load && (status == STORAGE_OK)) {
                 status = storage_load(irc, password);
-        } else {
-                status = storage_check_pass(irc->user->nick, password);
         }
 
@@ -159 +158 @@
                 irc_rootmsg(irc, "Password accepted%s",
                             load ? ", settings and accounts loaded" : "");
-                irc_setpass(irc, password);
                 irc->status |= USTATUS_IDENTIFIED;
                 irc_umode_set(irc, "+R", 1);
@@ -268 +266 @@
         storage_status_t status;
 
-        status = storage_remove(irc->user->nick, cmd[1]);
+        status = auth_check_pass(irc, irc->user->nick, cmd[1]);
+        if (status == STORAGE_OK) {
+                status = storage_remove(irc->user->nick);
+        }
+
         switch (status) {
         case STORAGE_NO_SUCH_USER:
@@ -340 +342 @@
                 int st;
 
+                if (s && s->flags & SET_LOCKED) {
+                        irc_rootmsg(irc, "This setting can not be changed");
+                        return 0;
+                }
                 if (s && checkflags && checkflags(irc, s) == 0) {
                         return 0;
@@ -388 +394 @@
                 irc_rootmsg(irc, "This setting can only be changed when the account is %s-line", "on");
                 return 0;
+        } else if (a->flags & ACC_FLAG_LOCKED && s && s->flags & ACC_SET_LOCKABLE) {
+                irc_rootmsg(irc, "This setting can not be changed for locked accounts");
+                return 0;
         }
 
@@ -409 +418 @@
 
                 MIN_ARGS(3);
+
+                if (!global.conf->allow_account_add) {
+                        irc_rootmsg(irc, "This server does not allow adding new accounts");
+                        return;
+                }
 
                 if (cmd[4] == NULL) {
@@ -547 +561 @@
 
         if (len >= 1 && g_strncasecmp(cmd[2], "del", len) == 0) {
-                if (a->ic) {
+                if (a->flags & ACC_FLAG_LOCKED) {
+                        irc_rootmsg(irc, "Account is locked, can't delete");
+                }
+                else if (a->ic) {
                         irc_rootmsg(irc, "Account is still logged in, can't delete");
                 } else {

set.h

@@ -49 +49 @@
         SET_PASSWORD = 0x0400, /* Value shows up in settings list as "********". */
         SET_HIDDEN_DEFAULT = 0x0800, /* Hide unless changed from default. */
+        SET_LOCKED = 0x1000    /* Setting is locked, don't allow changing it */
 } set_flags_t;
 

storage.c

@@ -87 +87 @@
 }
 
-storage_status_t storage_check_pass(const char *nick, const char *password)
+storage_status_t storage_check_pass(irc_t *irc, const char *nick, const char *password)
 {
         GList *gl;
@@ -97 +97 @@
                 storage_status_t status;
 
-                status = st->check_pass(nick, password);
+                status = st->check_pass(irc, nick, password);
                 if (status != STORAGE_NO_SUCH_USER) {
                         return status;
@@ -171 +171 @@
 }
 
-storage_status_t storage_remove(const char *nick, const char *password)
+storage_status_t storage_remove(const char *nick)
 {
         GList *gl;
@@ -185 +185 @@
                 storage_status_t status;
 
-                status = st->remove(nick, password);
+                status = st->remove(nick);
                 ok |= status == STORAGE_OK;
                 if (status != STORAGE_NO_SUCH_USER && status != STORAGE_OK) {

storage.h

@@ -31 +31 @@
         STORAGE_NO_SUCH_USER,
         STORAGE_INVALID_PASSWORD,
+        STORAGE_CHECK_BACKEND,
         STORAGE_ALREADY_EXISTS,
         STORAGE_OTHER_ERROR /* Error that isn't caused by user input, such as
@@ -43 +44 @@
         void (*init)(void);
 
-        storage_status_t (*check_pass)(const char *nick, const char *password);
+        storage_status_t (*check_pass)(irc_t *irc, const char *nick, const char *password);
 
         storage_status_t (*load)(irc_t *irc, const char *password);
         storage_status_t (*save)(irc_t *irc, int overwrite);
-        storage_status_t (*remove)(const char *nick, const char *password);
+        storage_status_t (*remove)(const char *nick);
 
         /* May be NULL if not supported by backend */
@@ -53 +54 @@
 } storage_t;
 
-storage_status_t storage_check_pass(const char *nick, const char *password);
+storage_status_t storage_check_pass(irc_t *irc, const char *nick, const char *password);
 
 storage_status_t storage_load(irc_t * irc, const char *password);
 storage_status_t storage_save(irc_t *irc, char *password, int overwrite);
-storage_status_t storage_remove(const char *nick, const char *password);
+storage_status_t storage_remove(const char *nick);
 
 void register_storage_backend(storage_t *);

storage_xml.c

@@ -34 +34 @@
 
 typedef enum {
-        XML_PASS_CHECK_ONLY = -1,
-        XML_PASS_UNKNOWN = 0,
-        XML_PASS_WRONG,
-        XML_PASS_OK
-} xml_pass_st;
+        XML_PASS_CHECK = 0,
+        XML_LOAD
+} xml_action;
 
 /* To make it easier later when extending the format: */
@@ -65 +63 @@
 {
         struct xt_node *c;
+        struct set *s;
 
         for (c = node->children; (c = xt_find_node(c, "setting")); c = c->next) {
                 char *name = xt_find_attr(c, "name");
+                char *locked = xt_find_attr(c, "locked");
 
                 if (!name) {
@@ -80 +80 @@
                 }
                 set_setstr(head, name, c->text);
+                if (locked && !g_strcasecmp(locked, "true")) {
+                        s = set_find(head, name);
+                        if (s) {
+                                s->flags |= SET_LOCKED;
+                        }
+                }
         }
 }
@@ -86 +92 @@
 {
         struct xml_parsedata *xd = data;
-        char *protocol, *handle, *server, *password = NULL, *autoconnect, *tag;
+        char *protocol, *handle, *server, *password = NULL, *autoconnect, *tag, *locked;
         char *pass_b64 = NULL;
         unsigned char *pass_cr = NULL;
@@ -99 +105 @@
         autoconnect = xt_find_attr(node, "autoconnect");
         tag = xt_find_attr(node, "tag");
+        locked = xt_find_attr(node, "locked");
 
         protocol = xt_find_attr(node, "protocol");
@@ -112 +119 @@
         if (!handle || !pass_b64 || !protocol || !prpl) {
                 return XT_ABORT;
-        } else if ((pass_len = base64_decode(pass_b64, (unsigned char **) &pass_cr)) &&
-                   arc_decode(pass_cr, pass_len, &password, xd->given_pass) >= 0) {
-                acc = account_add(xd->irc->b, prpl, handle, password);
-                if (server) {
-                        set_setstr(&acc->set, "server", server);
-                }
-                if (autoconnect) {
-                        set_setstr(&acc->set, "auto_connect", autoconnect);
-                }
-                if (tag) {
-                        set_setstr(&acc->set, "tag", tag);
-                }
-                if (local) {
-                        acc->flags |= ACC_FLAG_LOCAL;
-                }
+        }
+
+        pass_len = base64_decode(pass_b64, (unsigned char **) &pass_cr);
+        if (xd->irc->auth_backend) {
+                password = g_strdup((char *)pass_cr);
         } else {
-                g_free(pass_cr);
-                g_free(password);
-                return XT_ABORT;
+                pass_len = arc_decode(pass_cr, pass_len, &password, xd->given_pass);
+                if (pass_len < 0) {
+                        g_free(pass_cr);
+                        g_free(password);
+                        return XT_ABORT;
+                }
+        }
+
+        acc = account_add(xd->irc->b, prpl, handle, password);
+        if (server) {
+                set_setstr(&acc->set, "server", server);
+        }
+        if (autoconnect) {
+                set_setstr(&acc->set, "auto_connect", autoconnect);
+        }
+        if (tag) {
+                set_setstr(&acc->set, "tag", tag);
+        }
+        if (local) {
+                acc->flags |= ACC_FLAG_LOCAL;
+        }
+        if (locked && !g_strcasecmp(locked, "true")) {
+                acc->flags |= ACC_FLAG_LOCKED;
         }
 
@@ -186 +203 @@
 };
 
-static storage_status_t xml_load_real(irc_t *irc, const char *my_nick, const char *password, xml_pass_st action)
+static storage_status_t xml_load_real(irc_t *irc, const char *my_nick, const char *password, xml_action action)
 {
         struct xml_parsedata xd[1];
@@ -228 +245 @@
         }
 
-        {
+        if (action == XML_PASS_CHECK) {
                 char *nick = xt_find_attr(node, "nick");
                 char *pass = xt_find_attr(node, "password");
-
-                if (!nick || !pass) {
+                char *backend = xt_find_attr(node, "auth_backend");
+
+                if (!nick || !(pass || backend)) {
                         goto error;
+                }
+
+                if (backend) {
+                        g_free(xd->irc->auth_backend);
+                        xd->irc->auth_backend = g_strdup(backend);
+                        ret = STORAGE_CHECK_BACKEND;
                 } else if ((st = md5_verify_password(xd->given_pass, pass)) != 0) {
                         ret = STORAGE_INVALID_PASSWORD;
-                        goto error;
-                }
-        }
-
-        if (action == XML_PASS_CHECK_ONLY) {
-                ret = STORAGE_OK;
-                goto error;
-        }
-
-        /* DO NOT call xt_handle() before verifying the password! */
+                } else {
+                        ret = STORAGE_OK;
+                }
+                goto error;
+        }
+
         if (xt_handle(xp, NULL, 1) == XT_HANDLED) {
                 ret = STORAGE_OK;
@@ -260 +280 @@
 static storage_status_t xml_load(irc_t *irc, const char *password)
 {
-        return xml_load_real(irc, irc->user->nick, password, XML_PASS_UNKNOWN);
-}
-
-static storage_status_t xml_check_pass(const char *my_nick, const char *password)
-{
-        return xml_load_real(NULL, my_nick, password, XML_PASS_CHECK_ONLY);
+        return xml_load_real(irc, irc->user->nick, password, XML_LOAD);
+}
+
+static storage_status_t xml_check_pass(irc_t *irc, const char *my_nick, const char *password)
+{
+        return xml_load_real(irc, my_nick, password, XML_PASS_CHECK);
 }
 
@@ -280 +300 @@
         struct xt_node *root, *cur;
 
-        /* Generate a salted md5sum of the password. Use 5 bytes for the salt
-           (to prevent dictionary lookups of passwords) to end up with a 21-
-           byte password hash, more convenient for base64 encoding. */
-        random_bytes(pass_md5 + 16, 5);
-        md5_init(&md5_state);
-        md5_append(&md5_state, (md5_byte_t *) irc->password, strlen(irc->password));
-        md5_append(&md5_state, pass_md5 + 16, 5);   /* Add the salt. */
-        md5_finish(&md5_state, pass_md5);
-        /* Save the hash in base64-encoded form. */
-        pass_buf = base64_encode(pass_md5, 21);
-
         root = cur = xt_new_node("user", NULL, NULL);
+        if (irc->auth_backend) {
+                xt_add_attr(cur, "auth_backend", irc->auth_backend);
+        } else {
+                /* Generate a salted md5sum of the password. Use 5 bytes for the salt
+                   (to prevent dictionary lookups of passwords) to end up with a 21-
+                   byte password hash, more convenient for base64 encoding. */
+                random_bytes(pass_md5 + 16, 5);
+                md5_init(&md5_state);
+                md5_append(&md5_state, (md5_byte_t *) irc->password, strlen(irc->password));
+                md5_append(&md5_state, pass_md5 + 16, 5);   /* Add the salt. */
+                md5_finish(&md5_state, pass_md5);
+                /* Save the hash in base64-encoded form. */
+                pass_buf = base64_encode(pass_md5, 21);
+                xt_add_attr(cur, "password", pass_buf);
+                g_free(pass_buf);
+        }
+
         xt_add_attr(cur, "nick", irc->user->nick);
-        xt_add_attr(cur, "password", pass_buf);
         xt_add_attr(cur, "version", XML_FORMAT_VERSION);
-
-        g_free(pass_buf);
 
         xml_generate_settings(cur, &irc->b->set);
@@ -307 +330 @@
                 int pass_len;
 
-                pass_len = arc_encode(acc->pass, strlen(acc->pass), (unsigned char **) &pass_cr, irc->password, 12);
-                pass_b64 = base64_encode(pass_cr, pass_len);
-                g_free(pass_cr);
+                if(irc->auth_backend) {
+                        /* If we don't "own" the password, it may change without us
+                         * knowing, so we cannot encrypt the data, as we then may not be
+                         * able to decrypt it */
+                        pass_b64 = base64_encode((unsigned char *)acc->pass, strlen(acc->pass));
+                } else {
+                        pass_len = arc_encode(acc->pass, strlen(acc->pass), (unsigned char **) &pass_cr, irc->password, 12);
+                        pass_b64 = base64_encode(pass_cr, pass_len);
+                        g_free(pass_cr);
+                }
 
                 cur = xt_new_node("account", NULL, NULL);
@@ -320 +350 @@
                         xt_add_attr(cur, "server", acc->server);
                 }
+                if (acc->flags & ACC_FLAG_LOCKED) {
+                        xt_add_attr(cur, "locked", "true");
+                }
 
                 g_free(pass_b64);
@@ -364 +397 @@
                         xt_add_child(cur, xset = xt_new_node("setting", set->value, NULL));
                         xt_add_attr(xset, "name", set->key);
+                        if (set->flags & SET_LOCKED) {
+                                xt_add_attr(xset, "locked", "true");
+                        }
                 }
         }
@@ -422 +458 @@
 
 
-static storage_status_t xml_remove(const char *nick, const char *password)
+static storage_status_t xml_remove(const char *nick)
 {
         char s[512], *lc;
-        storage_status_t status;
-
-        status = xml_check_pass(nick, password);
-        if (status != STORAGE_OK) {
-                return status;
-        }
 
         lc = g_strdup(nick);

tests/Makefile

@@ -15 +15 @@
 distclean: clean
 
-main_objs = bitlbee.o conf.o dcc.o help.o ipc.o irc.o irc_cap.o irc_channel.o irc_commands.o irc_im.o irc_send.o irc_user.o irc_util.o irc_commands.o log.o nick.o query.o root_commands.o set.o storage.o storage_xml.o
+main_objs = bitlbee.o conf.o dcc.o help.o ipc.o irc.o irc_cap.o irc_channel.o irc_commands.o irc_im.o irc_send.o irc_user.o irc_util.o irc_commands.o log.o nick.o query.o root_commands.o set.o storage.o storage_xml.o auth.o auth_pam.o auth_ldap.o
 
 test_objs = check.o check_util.o check_nick.o check_md5.o check_arc.o check_irc.o check_help.o check_user.o check_set.o check_jabber_sasl.o check_jabber_util.o

unix.c

@@ -104 +104 @@
         }
 
+        global.auth = auth_init(global.conf->auth_backend);
+        if (global.conf->auth_backend && global.auth == NULL) {
+                log_message(LOGLVL_ERROR, "Unable to load authentication backend '%s'", global.conf->auth_backend);
+                return(1);
+        }
+
         if (global.conf->runmode == RUNMODE_INETD) {
                 log_link(LOGLVL_ERROR, LOGOUTPUT_IRC);